Hacking & Security Posts - Page 14

Malware threats continued to grow in 2014, and cybercriminals are working on developing new generations of mobile malware, according to Lookout Security. The company noted a whopping 75 percent jump in Android-based malware threats throughout the year, with criminals shifting focus from SMS scams to new ways to compromise users.

Cybercriminals have found ransomware, though harder to compromise victims, proves more valuable when it comes to return on investment (ROI). End users and business employees are desperate to regain access to compromised devices, so they are more likely to pay a ransom immediately.

Cybersecurity experts recommend mobile users install anti-virus and anti-malware software on their smartphones and tablets, along with being cautious when clicking links and installing apps from unknown sources.

"It could be used for legitimate reasons, right?" was the first thought that went through my head when looking at this website - well that's apparently not the case. If you're looking to seek revenge or hold a grudge and have money to spend - Hackers List will enable you to list up your task and a price - helping you search for the most suitable hacker for your needs.

As described by the New York Times, there are potential clients on here including a Sweedish man offering up $2,000 for someone to hack into his landlord's website and even a lady from California ready to pony up $500 for someone to gain access to his Facebook and Gmail accounts - talk about a healthy relationship!

With over 500 jobs currently listed, everything is completed completely anonymously, with the website working as the 'middle man' when it comes to jobs, correspondence and payment.

The FBI insists North Korea is responsible for breaching Sony Pictures, while some cybersecurity experts aren't so sure. John McAfee, an eccentric cybersecurity pioneer, says he knows what group is responsible for breaching SPE - and it wasn't the North Koreans.

"I can guarantee they are wrong,"McAfee recently told IBTimes UK, while speaking about the FBI's assertion that North Korea is involved. "It has to do with a group of hackers - I will not name them - who are civil libertarians and who hate the confinement the restrictions the music industry and the movie industry has placed on art and so they are behind it."

McAfee spent much of his career defending users and companies against hackers - but has a mutual respect for hackers today, saying "they want freedom, freedom of expression, freedom to live unobserved."

Kim Jong-un became "supreme leader" of North Korea at a young age, and has shown political instability since his reign began in 2011. The North Korean government, meanwhile, has steadily invested time and resources into its Bureau 121 hacker division, aiming to compromise political rivals.

"In the case of the DPRK, the paranoia is amplified to the extreme," according to a commentary written about North Korea's cyberattack motivations on InformationWeek's Dark Reading. It's true that the North Korean government, which strives to maintain full control of its citizens, is suspicious of all outsiders - and launching cyberattacks to steal information has evolved into a valuable asset.

The FBI continues to say North Korea is behind the major data breach of Sony Pictures - and whether the reclusive government is responsible - foreign governments and cybersecurity companies are paying attention to Pyongyang's rising cyberattack capabilities.

The US National Security Agency (NSA) and British GCHQ intelligence agencies plan to step up their cybersecurity cooperation, as both governments face increasing numbers of cyberattacks. The agencies plan to launch cyber war games to test the cybersecurity of financial institutions, hoping to defend against the "biggest modern threats that we face."

"We have got hugely capable cyber defenses, we have got the expertise and that is why we should combine as we are going to, set up cyber cells on both sides of the Atlantic to share information," said British Prime Minister David Cameron during a press conference.

Following mass surveillance operations detailed by former NSA contractor Edward Snowden, critics said the US and UK government should focus on beefing up cybersecurity efforts - instead of spying on citizens, residents, and foreign governments - as cyberespionage campaigns target both countries.

The Lizard Squad made waves with their massive DDoS attacks on PlayStation and Xbox Live networks over the Christmas holiday. These attacks spoiled Christmas for untold millions of people as the DDoS attacks crippled servers and left shiny new game consoles unable to connect to online services. These attacks appear to be part of a larger marketing scheme for the Lizard Squad's DDoS-for-hire services.

The Lizard Squad isn't afraid to taunt authorities and that has drawn even more scrutiny. However, they have been very successful at remaining in the shadows, until now. UK police with the South East Regional Organized Crime Unit (SEROCU) cyber crime unit apprehended an 18-year-old male connected with the recent PlayStation and Xbox Live DDoS attacks. The man was also charged with several swatting incidents, in which a fake police call is made to instigate police raids against others.

Cybercriminals want to breach US companies, stealing data and customer records, and have found surprising levels of success. Some breached companies eventually discover that criminals spent months poking aroun compromised systems, taking their time before stealing large amounts of data.

The US government wants companies to be more forthcoming about data breaches once they are discovered, but some companies - if they actually know about it - remain quiet. Companies will be given some leeway if they inform the Department of Homeland Security (DHS) about cybersecurity incidents after they do occur, according to changes the Obama Administration plans to put in place.

"There is an element of embarrassment at work here," said Robert Cattanach, partner at the Dorsey & Whitney law firm, in a statement published by reporters. "But hacking is not a problem that any one company can solve alone."

The Department of Homeland Security (DHS) is a bureaucratic mess when it comes to cybersecurity - and would be inefficient and overmatched trying to protect citizens and other federal branches. This news comes as part of the "A Review of the Department of Homeland Security's Missions and Performance" report, which heavily scrutinized DHS activities.

"Widespread weaknesses in the federal government's information security practices represent a significant vulnerability that could be exploited by adversaries, creating a potential threat to national security and American citizens," according to the report.

It's not just hacktivists trying to breach US infrastructure, but foreign states with sophisticated cyberespionage programs. The DHS itself has failed in maintaining its own security protocols, let alone trying to secure other departments from potential cyberattack.

The French government announced there are 19,000 civilian websites now under cyberattack by unknown sources, in a wide-ranging attack. The French Defense Ministry recently faced a targeted distributed denial of service (DDoS) attack, according to officials discussing the ongoing cyber operation.

"These attacks have no effect on the conduct of our operations," said Rear Admiral Arnaud Coustilliere, in a statement to CNNMoney. Reportedly, the attacks are targeting websites while hoping for weak cyber defenses, though the top visited French websites appear to be working fine.

Over the past week, cybercriminals have posted pro-Islamic images and messages on various religious groups websites and other sites. The Anonymous hacker group temporarily downed a jihadist website last week and the Charlie Hebdo magazine released a new edition that has sold millions of copies.

The threat of mobile malware continues to increase, with rates jumping 75 percent in 2014, according a report published by Lookout. Mobile users are urged to run some type of anti-virus and anti-malware security platform on their smartphones and tablets, as threats rise.

There are a number of different types of attacks, but ransomware has cybersecurity firms extremely anxious, especially as users download apps and other files from unknown sources. It may be harder to infect users with ransomware, but payouts are larger, as victims have to turn over a ransom for full control of their devices again.

"It all goes back to monetization, what's the endgame?" pondered Kevin Mahaffey, co-founder and CTO of Lookout, in a statement published by CNBC. "While it can be complicated it can generate a huge amount of money. The bad guys aren't stupid and they wouldn't do this if they weren't making money."